Cointime

Download App
iOS & Android

How to Build a Fake Decentralized Cross-Chain Protocol

Validated Media

Adam Back (Bitcoin core development team leader, BlockStream CEO) has a sentence that impressed me, "Great design looks very simple, but the process of designing it is extremely complicated". But not all product designs that look simple, like LayerZero, are great.

Everyone thinks it's safe until the cross-chain protocol goes down, but when it does, it's a big, scary thing. Security incidents on cross-chain protocols topped the list in terms of the amount of money lost to security incidents that occurred on each chain over the past two years. The importance and urgency of solving cross-chain protocol security issues is even greater than Ethereum scaling. Interoperability between cross-chain protocols is an inherent requirement of Web3 connectivity. The amount of financing for such agreements is often huge, and the number of TVLS and deals is growing, driven by rigid demand. However, due to the low recognition degree of the public, the security level of these cross-chain protocols cannot be recognized.

Let's start with a product design architecture. The communication process between Chain A and Chain B is carried out by Relayer, and Oracle supervises Relayer. First of all, this architecture has the advantage of avoiding the traditional communication between ChainA and ChainB by the third chain (generally not deployed dApp in this chain) to complete the consensus algorithm and dozens of nodes verification, so it can bring "fast cross-chain" user experience to end users. Because the architecture is light, the code is minimal, and Oracle has a Chainlink, this type of project is easy to launch, but also easy to imitate, and the technical threshold is Zero.

Fake decentralized cross-chain protocol, basic version

There are at least two problems with the above architecture:

  1. LayerZero reduces the verification of dozens of nodes to a single Oracle verification, which naturally greatly reduces the security factor.
  2. After simplification into a single verification, it is necessary to assume that Relayer and Oracle are independent. However, this trust hypothesis cannot be established forever and is not Crypto Native enough to fundamentally guarantee that the two cannot conspire to do evil.

This is the basic pattern that LayerZero adopts. As an "ultralights" cross-chain solution of a separate security type, it is only responsible for transferring messages and is not responsible for the security of the application, nor is it capable of being responsible.

How about freeing Relayer so that everyone can run the repeater? Figure 2 enlarges the number of figures in Figure 1. First of all, Decentralized does not mean a decentralized number of operators so that everyone can join. It is called Permissionless. The demand side has always been Permissionless, and the supply side also Permissionless is not an epoch-making change. It is a change on the market side, which has nothing to do with the security of the product itself. LayerZero's Relayer was simply an intermediary responsible for forwarding information, essentially a Trusted Third Party like Oracle. Trying to improve cross-chain security by increasing the number of trusted principals from 1 to 30 is a fool's errand. Instead of changing product features, new problems will be created.

Fake decentralized cross-chain Protocol Advanced Edition

If a cross-chain token project allows the configured LayerZero node to be modified, it could be replaced with its own "Layerzero" node by an attacker, thus forging arbitrary messages. As a result, projects using Layerzero still have a huge security problem, which is worse in more complex scenarios. The replacement of just one link in a large system can cause a chain reaction. LayerZero doesn't have the potential to solve this problem on its own. If a security incident does occur, LayerZero will naturally pass the buck to an external application. Because end users need to carefully judge the security of each LayerZero project, those "user-oriented" projects will carefully access LayerZero to avoid being polluted by malicious applications that belong to the same ecosystem, which makes it difficult to build an ecosystem.

If Layer0 can't share security like Layer1 or Layer2, then Layer0 can't be called Infrastructure, because infrastructure is "basic" because it can share security. If a project party calls itself Infrastructure, it should provide consistent security for all of its ecological projects like any other infrastructure, that is, all ecological projects share the security of the infrastructure. So LayerZero isn't exactly Infrastructure, it's Middleware. App developers who access the Middleware SDK/API do have the freedom to define their security policies.

The L2BEAT team wrote on January 5, 2023, Circumventing Layer Zero: Why Isolated Security is No Security, arguing that their assumption that app owners (or people with private keys) can't do evil is incorrect. Bad guy Bob gains access to the LayerZero configuration. Bad guy Bob can change the seer and repeater from default components to components he controls, convincing the LayerZero smart contract on Ethereum to let him withdraw all of the good guy Alice's tokens on Ethereum. The original link: https://medium.com/l2beat/circumventing-layer-zero-5e9f652a5d3e

The Nomad team posted on January 31, 2023, that the LayerZero repeater has two critical vulnerabilities that are currently in a two-party, multiple-signed state, so they can only be exploited by insiders or team members with known identities. The first allows a fraudulent message to be sent from LayerZero with multiple signatures, and the second allows a message to be modified after the prophecy machine and multiple signatures have signed the message or transaction, both resulting in the theft of all user funds. The original link: https://prestwich.substack.com/p/zero-validation

When confused by fancy watches, try to go back to your roots.

On October 31, 2008, the Bitcoin White Paper appeared. On January 3, 2009, BTC Genesis block was born. An excerpt from the white paper, "Bitcoin: A Peer-to-Peer Electronic Money System":

Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution. Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work. The longest chain not only serves as proof of the sequence of events witnessed but proof that it came from the largest pool of CPU power. As long as a majority of CPU power is controlled by nodes that are not cooperating to attack the network, they'll generate the longest chain and outpace attackers. The network itself requires minimal structure. Messages are broadcast on a best-effort basis, and nodes can leave and rejoin the network at will, accepting the longest proof-of-work chain as proof of what happened while they were gone.

(By Frederick Kang, founder of Fox Tech and Way Network and chairman of Danyang Investment)

Read more: https://tokeninsight.com/en/research/miscellaneous/how-to-build-a-fake-decentralized-cross-chain-protocol

Comments

All Comments

Recommended for you

  • A Total of 37,212.18 DMD Permanently Burned Over the Past 7 Days

    July 9, 2026 — According to the latest on-chain data released by DMDAO, a total of 37,212.18 DMD has been permanently burned over the past seven calendar days through the protocol's predefined trading and wealth management burn mechanisms.

  • Whale Transfers 1,133 BTC to Coinbase Prime, Valued at $71.48 Million

    According to Onchain Lens monitoring, a whale transferred 1,133 BTC from Coinbase to Coinbase Prime through an intermediary wallet, valued at $71.48 million.

  • U.S. AI Chip Stocks Decline Before Market Open, Intel Falls Over 3%

    On July 7, U.S. AI chip stocks experienced widespread declines before the market opened. Intel dropped over 3%, while AMD, Qualcomm, and NXP fell more than 2%. TSMC, Broadcom, and Tesla decreased by over 1%, and NVIDIA declined by 0.7%.

  • China's Central Bank Increases Gold Reserves for the 20th Consecutive Month

    As of the end of June, China's gold reserves stood at 75.44 million ounces (approximately 2,346.446 tons), an increase of 480,000 ounces (about 14.93 tons) from the end of May, which reported 74.96 million ounces (approximately 2,331.52 tons). This marks the 20th consecutive month of gold accumulation.

  • China's Foreign Exchange Reserves in June at $341.6262 Billion

    On July 7, China's foreign exchange reserves for June stood at $341.6262 billion, a decrease of $26 billion from the end of May, representing a decline of 0.75%, with expectations set at $343.2 billion.

  • U.S. Storage Stocks Drop Pre-Market, SanDisk and Micron Down Over 4%

    On July 7, U.S. storage concept stocks collectively fell in pre-market trading. Western Digital dropped over 5%, SanDisk and Micron Technology fell over 4%, Seagate Technology declined over 3%, Rambus fell over 2%, and SMI fell over 1%.

  • U.S. Stocks in Optical Communication Sector Drop Pre-Market

    On July 7, stocks in the optical communication sector of the U.S. market collectively fell pre-market. Astera Labs dropped over 4%, while Marvell Technology, Credo Technology, and AXT Inc. fell more than 3%. Tower Semiconductor, MaxLinear, Corning, Applied Optoelectronics, GlobalFoundries, Lumentum, and Qorvo all declined by more than 2%. Coherent, Nokia, Amphenol, and Broadcom dropped over 1%.

  • Pre-market Decline in U.S. Storage Stocks

    In pre-market trading, U.S. storage concept stocks experienced a widespread decline, with Micron Technology falling by 4.8%, SanDisk dropping over 4%, Corning down more than 2%, and Intel decreasing by over 3%.

  • Two Departments: Support for Reinsurance Institutions to Increase Capital and Issue Supplementary Capital Tools

    On July 7, the National Financial Supervision and Administration Bureau and the Shanghai Municipal Government released several measures to accelerate the construction of the Shanghai International Reinsurance Center. Among these measures, they proposed to enhance the quality and efficiency of the reinsurance industry, support reinsurance institutions in increasing capital and expanding shares, and issuing supplementary capital tools to improve the capacity for internal capital accumulation and external capital supplementation, thereby strengthening the reinsurance industry's capabilities. The initiative aims to guide the insurance industry to focus on major national projects, strategic emerging industries, and livelihood security, consolidating insurance and reinsurance underwriting capabilities to enhance risk protection levels. It also supports reinsurance institutions in leveraging their professional technical advantages to assist the insurance industry in reducing risk.

  • Sources: Saudi Arabia Plans to Expand Oil Pipeline to Red Sea, Increasing Capacity by 2 Million Barrels Daily to Bypass Strait of Hormuz

    On July 7, five informed sources revealed that Saudi Arabia is considering expanding the crude oil pipeline capacity to its western coast on the Red Sea, allowing Saudi Arabia and its neighbors to transport more oil without passing through the Strait of Hormuz. This east-west pipeline, built in the early 1980s, has gained strategic importance since the outbreak of the Iran war in February and the disruption of shipping in the Strait of Hormuz. The pipeline can deliver up to 7 million barrels of crude oil per day to the Red Sea port. The CEO of Saudi Aramco stated in May that approximately 2 million barrels are supplied to west coast refineries, while about 5 million barrels are for export. Sources indicate that Saudi Arabia is in preliminary discussions with some neighboring countries regarding the pipeline expansion, aiming to add about 2 million barrels of pipeline capacity per day. It remains unclear whether Aramco's planned expansion involves upgrading existing infrastructure or constructing new pipelines. One source mentioned that the expansion plan also includes a smaller refined oil pipeline. Two sources indicated that the expansion scale could range from 1 million to 2 million barrels per day, with refined oil also being considered. Another source stated that the project would take several years and cost billions of dollars, requiring adjustments to Saudi crude pricing mechanisms.